package test.microservice.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.Collection;

@Configuration
//@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().permitAll();
//        http.
//                authorizeRequests().anyRequest().authenticated()
//                .and()
//                .httpBasic();
        
    }
    
    
    class CustomUserDetails implements UserDetails {
        
        private String username;
        private String password;
        private String role;
        
        public CustomUserDetails() {
        }
        
        public CustomUserDetails(String username, String password, String role) {
            this.username = username;
            this.password = password;
            this.role = role;
        }
        
        @Override
        public String getUsername() {
            return username;
        }
        
        public void setUsername(String username) {
            this.username = username;
        }
        
        @Override
        public String getPassword() {
            return password;
        }
        
        public void setPassword(String password) {
            this.password = password;
        }
        
        public String getRole() {
            return role;
        }
        
        public void setRole(String role) {
            this.role = role;
        }
        
        @Override
        public Collection<? extends GrantedAuthority> getAuthorities() {
            Collection<GrantedAuthority> authorities = new ArrayList<>();
            authorities.add(new SimpleGrantedAuthority(this.role));
            return authorities;
        }
        
        @Override
        public boolean isAccountNonExpired() {
            return false;
        }
        
        @Override
        public boolean isAccountNonLocked() {
            return false;
        }
        
        @Override
        public boolean isCredentialsNonExpired() {
            return false;
        }
        
        @Override
        public boolean isEnabled() {
            return false;
        }
        
    }
    
    @Component
    class CustomAuthenticationProvider implements AuthenticationProvider {
        
        @Override
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            System.out.println(authentication.getDetails());
            String username = (String) authentication.getPrincipal();
            UserDetails userDetails = null;
            switch (username) {
                case "user":
                    userDetails = new CustomUserDetails("user", "psd111", "user-role");
                    break;
                case "admin":
                    userDetails =  new CustomUserDetails("admin", "psd222", "admin-role");
                    break;
            }
            return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
        }
        
        @Override
        public boolean supports(Class<?> authentication) {
            return authentication.equals(UsernamePasswordAuthenticationToken.class);
        }
    }
    
}
